[57] ABSTRACT

An intermediary provides certificate information by receiving from a first other entity authenticated certificate information, processing at least a portion of the authenticated certificate information to obtain deduced information, if the deduced information is consistent with the authenticated certificate information, having a witness construct authenticated deduced information by authenticating at least one of: the deduced information, the deduced information together with date information, and the deduced information together with additional information, and by providing the authenticated deduced information. The date information may be at least one of: the current date and date information of the authenticated certificate information. The witness may do the processing. The witness may be the intermediary. The authenticated certificate information and/or the authenticated deduced information may include a digital signature, which may be relative to a verification key that is part of an issued certificate and/or may be computed by applying a one-way function to one or more secret values or by iterating a one-way function. The digital signature may keep the witness accountable for the fact that the authenticated deduced information is consistent with the authenticated certificate information.

85 Claims, No Drawings 
WITNESS-BASED CERTIFICATE REVOCATION SYSTEM

This application is a continuation in part of U.S. patent application No. 08/636,854, filed on Apr. 23, 1996, now U.S. Pat. No. 5,604,804, and is based on U.S. provisional patent application No. 60/025,128 filed on Aug. 29, 1996 and on U.S. provisional patent application No. 60/024,786 filed on Sep. 10, 1996, and is also a continuation in part of U.S. patent application No. 08/741,601, filed on Nov. 1, 1996, which is based on U.S. provisional application No. 60/006,143, filed on Nov. 2, 1995.

TECHNICAL FIELD

The present invention relates generally to secure communications and more particularly to schemes for certificate management.

BACKGROUND OF THE INVENTION

In many settings, it is useful to certify data, as well as to revoke data that was previously certified. For instance, in a Public Key Infrastructure (PKI), it may be useful to certify users' public keys. Such certification may be provided in the form of a certificate which contains the certified data and vouches authenticity of the certified data.

In a digital signature scheme, each user U chooses a signing key SK_U and a matching verification key, PK_U. User U uses SK_U to compute a digital signature of a message m, [...] can verify that SIG_U(m) is U's signature of m. Finding [...] in U's interest to keep SK_U secret (so that only he can digitally sign for U) and to make PK_U as public as possible (so that everyone dealing with U can verify U's digital signatures). At the same time, in a world with millions of users, it is essential in the smooth flow of business and communications to be certain that PK_U really is the legitimate key of user U. To this end, users' public keys are often "certified" by a certificate that serves as proof that U is the legitimate owner of PK_U. At the same time it is also useful to be able to revoke some of the already-issued certificates when U is no longer the legitimate owner of PK_U (for whatever reason) and/or when SK_U has been compromised. Of course, the need for certification and certificate revocation extends beyond certifying public keys.

In many instances, certificates for users' public keys are produced and revoked by certifying authorities called CA's. A complete public key infrastructure may involve other authorities (e.g., PCAs) who may also provide similar services (e.g., they may certify the public keys of their CA's). The present discussion can be easily applied to such other authorities in a straight-forward manner.

A CA may be a trusted agent having an already certified (or universally known) public key. To certify that PK_U is U's public key, a CA typically digitally signs PK_U together with (e.g., concatenating it with) U's name, a certificate serial number, the current date (i.e., the certification or issue date), and an expiration date. The CA's signature of PK_U is then inserted in a Directory and/or given to U himself. Note that before certifying U's public key, it is necessary to perform additional steps, such as properly identifying user U. However, these additional steps are optional.

Upon receiving the (alleged) digital signature of user U of a message M, SIG_U(M), a recipient R needs to obtain a certificate for PK_U. In fact, SIG_U(M) may be a correct digital signature of M with respect to some public key PK_U, but R has no guarantee that PK_U is indeed U's public key. Recipient R may obtain this certificate from the Directory, or from his own memory (if he has previously cached it), or from U himself. Having done this, R verifies (1) the correctness of the CA's certificate for PK_U with respect to the CA's public key, and (2) the correctness of SIG_U(M) with respect to PK_U. If the CA's public key is not universally known, or cached with R, then a certificate for the CA's key may also be obtained.

Certificate retrieval is thus possible, although not necessarily cheap. Unfortunately, however, this is not the only retrieval that R needs to do. In addition, it is important that R makes sure that the certificate for PK_U has not been revoked. This check, of course, may not be needed after the certificate's expiration date, but may be needed during the certificate's alleged lifetime. A user's certificate can be revoked for a variety of reasons, including key compromise and the fact that the user is no longer associated with a particular CA.

To enable a recipient to establish whether a given certificate has been revoked, it is known to have each CA periodically issue a Certificate Revocation List (CRL for short). A CRL may consist of the issuer's digital signature of a header comprising the issuer's name (as well as the type of his signature algorithm), the date of the present update, and the date of the next update, together with a complete list of revoked certificates whose date has not yet [...], each with its serial number and revocation date. [...] CRL to end users.

After performing some checks on the CA's CRL (e.g., checking the CA's digital signature, checking that the CRL has arrived at the expected time, that a certificate declared revoked in the previous CRL of that CA, and not yet expired, still is revoked in the current CRL, etc.), the Directory stores it under the name of the CA.

When a user queries the Directory about the revocation of a certificate issued by a given CA, the Directory responds by sending to the user the latest CRL of that CA. The user can then check the CRL signature, the CRL dates (so as to receive a reasonable assurance that he is dealing with the latest one), and whether or not the certificate of interest to him belongs to it.

While CRLs are quite effective in helping users establish which certificates are no longer deemed valid, they are also extremely expensive, because they tend to be very long and need to be transmitted very often.

The National Institute of Standards and Technology has tasked the MITRE Corporation to study the organization and cost of a Public Key Infrastructure (PKI) for the Federal Government. This study estimates that CRLs constitute by far the largest entry in the Federal PKI's cost list. According to MITRE's estimates/assumptions, in the Federal PKI there are about three million users, each CA serves 30,000 users, 10% of the certificates are revoked (5% because of key compromise and 5% because of change in affiliation with the organization connected to a given CA), CRLs are sent out bi-weekly, and the recipient of a digital signature requests certificate information 20% of the time (assuming that the remaining 80% of the time he will be dealing with public keys in his cache). The study envisages that each revoked certificate is specified in a CRL by means of about 9 bytes: 20 bits of serial number and 48 bits of revocation date. Thus, in the Federal PKI, each CRL is expected to comprise thousands of certificate serial numbers and their revocation dates; the header, however, has a fixed length, consisting of just 51 bytes.

At two cents per kilobyte, the impact of CRL transmission on the estimated yearly costs of running the Federal PKI is stunning: if each federal employee verifies one hundred digital signatures per day on average, then the total PKI yearly costs are $10,848 million, of which $10,237 million is due to CRL transmission. If each employee is assumed to verify just five digital signatures a day on average, then the total PKI yearly costs are $732 million, of which $563 million is due to CRL transmission.

The MITRE study thus suggests that any effort should be made to find designs alternative to and cheaper than conventional CRL's. One alternative is found in a November 1995 article by the applicant of the present application, which describes adding a special field in a certificate that facilitates handling revocation by making it possible to determine whether a given certificate is valid or revoked without having to prove the revocation status of all certificates.

A similar system is proposed in the "Final Text of Draft Amendments DAM 4 to ISO/IEC 9594-2, DAM 2 to ISO/IEC 9594-6, DAM 1 to ISO/IEC 9495-7, and DAM 1 to ISO/IEC 9594-8 on Certificate Extensions". That document discusses using "distribution points" to indicate a source of CRL information for each certificate. A distribution point is a new quantity that a CA certifies within a certificate. This new quantity allows one to prove whether a given certificate is valid or revoked without proving the validity of all certificates. In fact, certificate revocation is proved relative to this new quantity, and if a certificate has a new quantity X and another certificate has a new quantity Y, then it is possible to prove the validity of the first certificate without also proving the validity of the second certificate; in fact, the revocation information about the first certificate is verified using the quantity X and the revocation information about the second certificate is verified using the quantity Y. In fact, revocation information about a certificate having a distribution point X can be found within a CRL having a distribution point that is also X. This reduces a single CRL to a number of smaller CRLs. Thus, using distribution points introduces a new field in the certificate so as to be able to provide more efficient certificate revocation information.

A system that certifies a new field within a certificate is described in a technical report by Dr. Silvio Micali titled "Enhanced Certificate Revocation System". The system described therein adds a one hundred bit field to a certificate to facilitate certificate revocation. The CA periodically releases a one hundred bit value that, when verified along with the one hundred bit field of the certificate, proves that the certificate is valid and/or revoked.

Other techniques have been developed for decreasing CRL costs. One such technique involves using so-called "delta CRLs" in which a user receives, at every CRL update, a CA-signed list of all the certificates revoked since the last CRL. Thus such a user receives fewer bits than an entire CRL, but he receives them whether he needs them or not.

These and other prior-art techniques, however, have some inherent limitations. In essence, the CA packages certificate information in various formats that are provided by the directories to the users. Nonetheless, the possibility still remains that the revocation information actually needed by the user is NOT "compatible" with the chosen formats, so that in order to retrieve it, the user also gets excessive information. This excess of information (e.g., receiving in a CRL information proving that other, irrelevant certificates have been revoked) translates into substantial transmission and storage costs for the users.

However, if the prior art may do away with some storage costs, these cost savings do not apply to transmission costs. Indeed, to inspect a CA-signed CRL, for example, a user must first receive this lengthy document. Only then can he decide not to store it, trusting that, if needed, he could get it again from the Directory or from the original CA.

SUMMARY OF THE INVENTION

According to the present invention, an intermediary provides certificate information by receiving from a first other entity authenticated certificate information, processing at least a portion of the authenticated certificate information to obtain deduced information, if the deduced information is consistent with the authenticated certificate information, having a witness construct authenticated deduced information by authenticating at least one of: the deduced information, the deduced information together with date information, and the deduced information together with additional information, and by providing the authenticated deduced information.

According further to the present invention, an intermediary provides certificate information by receiving from a first other entity authenticated certificate information, processing at least a portion of the authenticated certificate information to provide deduced information, if the deduced information is consistent with the authenticated certificate information, having a plurality of witnesses construct authenticated deduced information by authenticating at least one of: the deduced information, the deduced information together with date information, and the deduced information together with additional information, and providing the authenticated deduced information. One of the witnesses may be the intermediary. Processing at least a portion of the authenticated certificate information may be performed by each of the witnesses. At least two of the witnesses may produce a digital signature which may then be combined into a single digital signature.

According further to the present invention, an intermediary provides certificate information by receiving from a first other entity authenticated certificate information, processing at least a portion of the authenticated certificate information to provide deduced information, if the deduced information is consistent with the authenticated certificate information, having a plurality of witnesses contribute to authenticating
at least one of: the deduced information, the deduced infor- 
mation together with date information, and the deduced 
information together with additional information, and pro- 
viding the authenticated deduced information. At least two 
of the witnesses may have a portion of a secret signing key. 
Two of the witnesses may contribute a digital signature of at 
least one of: the deduced information, the deduced infor- 
mation together with date information, and the deduced 
information together with additional information. The digi- 
tal signatures of at least two of the witnesses may be 
combined into a single digital signature. A t out of n digital 
signature scheme may be used to combine the digital sig- 
natures where t may equal n. 

The date information may be at least one of: the current date and date information of the authenticated certificate information. The witness may do the processing. The witness may be the intermediary. The authenticated certificate information and/or the authenticated deduced information may include a digital signature, which may be relative to a verification key that is part of an issued certificate and/or may be computed by applying a one-way function to one or more secret values or by iterating a one-way function. The digital signature may keep the witness accountable for the fact that the authenticated deduced information is consistent with the authenticated certificate information.

The intermediary and/or the witness may cause the authenticated information to be saved in order to prove that the deduced information is consistent with authenticated certificate information. The witness may determine if the deduced information is consistent with the authenticated certificate information.

Processing the authenticated certificate information may include extracting identifiers of revoked certificates from the authenticated certificate information and providing the deduced information by dividing the identifiers of the revoked certificates into a plurality of lists, where each of the lists includes all identifiers between a first value and a second value. The identifiers may include serial numbers and/or user names.

Processing the authenticated certificate information may include extracting an identifier of a revoked certificate from the authenticated certificate information and providing an indication that the identifier corresponds to a revoked certificate. Alternatively, processing the authenticated certificate information may include deducing from the authenticated certificate information that a certificate is currently valid and providing an indication that the certificate corresponds to a valid certificate.

The authenticated certificate information may relate to a plurality of certificates and processing may include obtaining the deduced information by determining that a proper subset of the certificates has been revoked. The authenticated certificate information may relate to a plurality of certificates and processing may include obtaining the deduced information by determining that a proper subset of the certificates are valid. The authenticated certificate information may relate to a plurality of certificates and processing may include obtaining the deduced information by determining which of a proper subset of the certificates are valid and which of a proper subset of the certificates are revoked.

Processing the authenticated certificate information may include obtaining the deduced information by identifying all of the revoked certificates sharing a given characteristic and the additional information may include an indication of the characteristic. The characteristic may include having a certificate identifier between two given values or may include a distribution point that is assigned by an issuing authority when a certificate is created.

The authenticated certificate information may indicate a verification key of a certificate, the deduced information may indicate that the certificate is valid, and providing the authenticated deduced information may include producing a digital signature relative to the verification key to prove that the certificate is valid. The authenticated certificate information may include at least one of: indication of issued certificates and indication of revoked certificates. The indication of revoked certificates may include a CRL.

The authenticated certificate information may include at least one of: information indicating issued certificates and information indicating certificates that should no longer be issued, and the authenticated deduced information may indicate that at least one certificate is valid. The authenticated deduced information includes at least one reissued certificate indicating that a certificate is valid and/or indicating that the validity period of a certificate has been modified. The authenticated certificate information may include at least one of: information indicating issued certificates and information indicating certificates that should be reissued, and the authenticated deduced information may include at least one reissued certificate indicating that the reissued certificate is valid and/or that a validity period for the certificate has been modified.

The authenticated certificate information may include at least one of: information indicating issued certificates and information indicating currently valid certificates, and the deduced information may indicate that at least one certificate is revoked. The authenticated certificate information may include at least one of: information indicating revoked certificates and information indicating valid certificates, and the deduced information may indicate that at least one certificate is issued.

The witness may use tamper-proof hardware. The tamper-proof hardware may have a signing key used to authenticate the deduced information. The tamper-proof hardware may be implemented using a single integrated circuit.

A second other entity may determine if the deduced information is consistent with the authenticated certificate information. The second other entity may provide the witness with an indication that the deduced information is consistent with the authenticated certificate information. The authenticated deduced information may be provided in response to a query. The query may include a program that operates on the authenticated certificate information. The query may be encrypted. The intermediary may not be able to identify a source of the query. The additional information may include an indication of the query, which may be a one-way hash of the query.

The deduced information may contain fewer bits than a smallest piece of certificate information that is usable for obtaining the deduced information, and the certificate information may be information that is authenticated in the authenticated certificate information. The deduced information may be different from any piece of certificate information that is usable for obtaining the deduced information, and the certificate information may be information that is authenticated in the authenticated certificate information.

The intermediary may not revoke certificates and/or issue certificates. The first other entity may be a certification authority. The deduced information may be authenticated by being posted in a read-only file that is writable only by at least one of: the witness and the intermediary.

The authenticated certificate information may include a hierarchical certificate and the authenticated deduced information may include a reissued certificate. The reissued certificate may include at least one of: a digital signature of the witness and a digital signature of the witness together with a certificate for a public key of the witness. The reissued certificate may expire when the hierarchical certificate expires. The reissued certificate may contain fewer bits than the hierarchical certificate. The reissued certificate may contain less hierarchical certificate information than the hierarchical certificate. The reissued certificate may not contain at least one digital signature contained in the hierarchical certificate. The reissued certificate may be verifiable by verifying the signatures of fewer authorities than the hierarchical certificate. The reissued certificate may be verifiable relative to a universally known public key by verifying the signatures of fewer authorities than the hierarchical certificate. The reissued certificate and the hierarchical certificate may be verifiable relative to the same universally known public key.
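Two of the variants above, dividing the identifiers of the revoked certificates into lists that each cover all identifiers between a first and a second value, and signing the characteristic (here the two bounds) as additional information, as an added example that is not part of the patent: because the witness signs the bounds together with the serials, a recipient can tell that a serial absent from the list covering its range is not revoked as of the CRL date, and cannot be satisfied with a list for some other range. Ed25519 signatures, the CRL date as a day counter, and the constructed serial numbers, width and maximum serial are assumptions of the example.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"sort"
)

// RangeList is one of the lists the witness carves out of a verified CRL: every
// revoked serial with Lo <= serial <= Hi, signed together with the bounds and the
// CRL date. The signed bounds are what make absence from the list meaningful.
type RangeList struct {
	Lo, Hi  uint32
	CRLDate uint32
	Serials []uint32 // sorted, all within [Lo, Hi]
	Sig     []byte
}

// rangeBody is the byte string the witness signs for one list.
func rangeBody(r *RangeList) []byte {
	var b bytes.Buffer
	binary.Write(&b, binary.BigEndian, []uint32{r.Lo, r.Hi, r.CRLDate})
	binary.Write(&b, binary.BigEndian, r.Serials)
	return b.Bytes()
}

// NewWitnessKey generates the witness's Ed25519 signing key pair.
func NewWitnessKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // crypto/rand does not fail in practice
	return pub, priv
}

// SplitCRL partitions the revoked serials of a CRL (already checked against the
// CA's signature by the witness) into contiguous ranges of the given width that
// cover 0..maxSerial, so every issued serial falls into exactly one signed list.
func SplitCRL(key ed25519.PrivateKey, revoked []uint32, crlDate, width, maxSerial uint32) []*RangeList {
	if width == 0 {
		width = 1
	}
	sorted := append([]uint32(nil), revoked...)
	sort.Slice(sorted, func(i, j int) bool { return sorted[i] < sorted[j] })
	var lists []*RangeList
	for lo := uint32(0); lo <= maxSerial; lo += width {
		hi := lo + width - 1
		if hi < lo || hi > maxSerial { // clamp the last range (and guard overflow)
			hi = maxSerial
		}
		r := &RangeList{Lo: lo, Hi: hi, CRLDate: crlDate}
		for _, s := range sorted {
			if s >= lo && s <= hi {
				r.Serials = append(r.Serials, s)
			}
		}
		r.Sig = ed25519.Sign(key, rangeBody(r))
		lists = append(lists, r)
		if hi == maxSerial {
			break
		}
	}
	return lists
}

// Lookup picks the list covering serial; it is the whole answer the intermediary
// sends for that query. nil means the serial lies outside the covered space.
func Lookup(lists []*RangeList, serial uint32) *RangeList {
	for _, r := range lists {
		if serial >= r.Lo && serial <= r.Hi {
			return r
		}
	}
	return nil
}

// VerifyStatus is the recipient's check: the list carries the witness's signature,
// it covers the queried serial (otherwise it cannot answer the question), and only
// then does membership decide. It returns (revoked, ok); ok is false when the list
// is missing, forged, edited, or for the wrong range.
func VerifyStatus(witnessPub ed25519.PublicKey, r *RangeList, serial uint32) (revoked, ok bool) {
	if r == nil || !ed25519.Verify(witnessPub, rangeBody(r), r.Sig) || serial < r.Lo || serial > r.Hi {
		return false, false
	}
	i := sort.Search(len(r.Serials), func(i int) bool { return r.Serials[i] >= serial })
	return i < len(r.Serials) && r.Serials[i] == serial, true
}
```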

The authenticated deduced information may be provided 
in response to a query of a user. At least a portion of the 
query may be hidden from the intermediary and/or may be 
encrypted with a key of the tamper-proof hardware. The 
query may relate to one or more certificates, and at least one 
serial number of the one or more certificates may be 
encrypted with the key of the tamper-proof hardware. The 
query may include an indication of a key of the user which 
may be encrypted with the key of the tamper-proof hard- 
ware. At least a portion of the authenticated deduced infor- 
mation may be encrypted with the key of the user. At least 
a portion of the query may remain hidden from the inter- 
mediary when the authenticated deduced information is 
provided. 

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

The following shows how to use directories, intermediaries, and other entities in a convenient and reliable Witness System that enables users to save transmission costs of certificate information. Note that an intermediary can be a directory, an authority, a user, or another entity (or a collection of entities) that provides certificate information to users. In particular, an intermediary could be a machine or a computer file available to users.

In one embodiment, CAs regularly send intermediaries CA-authenticated information such as issued certificates and CRLs (preferably all digitally signed and dated). A user requests information from the intermediary about a specific certificate C by, for instance, specifying the CA and serial number of certificate C. Then, the intermediary consults the CA-signed record to deduce whether C is currently valid, or revoked (or ever issued, for that matter), and then authenticates (e.g., digitally signs) and provides to the user the authenticated deduced information. Notice, therefore, that in such a system, the certification authorities retain power to issue and revoke certificates, while the intermediary acts as a witness of the CA decisions. Such a witness, however, is kept accountable for the deduced information the witness provides to a user by virtue of the witness authenticating the deduced information. Thus, it is not in the interest of an intermediary to provide false authenticated information to a user, because the user may save the authenticated deduced information to prove that the intermediary provided false information. At the same time, the intermediary may save the CA-signed information that was used to obtain the deduced information provided to the user. This way, the intermediary may prove that the deduced information provided to a user is consistent with information provided by the CA.

More generally, in a witness system, authenticated certificate information is received from a first other entity and at least a portion of the information is processed to obtain deduced information. If the deduced information is consistent with the authenticated certificate information, a witness authenticates the deduced information (possibly together with additional information, such as date information, information about the witness, information about the authentication process, etc.). Note that the deduced information may contain fewer bits than the authenticated certificate information used to obtain the deduced information. Note also that the deduced information may be different than any portion of the authenticated certificate information because the requestor of the deduced information requires or desires to receive authenticated information different from the authenticated certificate information.

In a preferred embodiment, the deduced information is information other than the information that is authenticated in the authenticated certificate information. The following examples illustrate. For instance, the authenticated certificate information may consist of (1) the set S of all not-expired certificates issued by a given CA and (2) the latest CRL of the CA; while the deduced information may consist of an indication that two given certificates of the CA have been revoked and a third certificate of the CA is still valid (up to the CRL date). In fact, the latter information, though deducible from the above CA-signed data, was not digitally signed by the CA and hence was not part of the authenticated certificate information. As for another example, the authenticated certificate information may be the same as above, while the deduced information indicates that a given certificate C in S is valid. Though C is an explicit part of the authenticated certificate information, the state of C's validity is not, even though such information is deducible from the authenticated certificate information. Indeed, even if the witness digitally signs C, or the data certified in C, together with a later (with respect to C) date D to signify that C is valid up to D, the digital signature of the witness constitutes authenticated deduced information. In fact, C by itself does not convey information about its own validity at date D. Only from C together with a CRL (or some other suitable information) can such a validity be deduced. As another example, assume that, at a later date D, the witness digitally signs only the data certified in C. Then, if it is understood that the witness does so only to indicate that the validity period of such data has been modified (e.g., extended if, for instance, C has already expired) or to indicate that C is still valid (if, for instance, C is not yet expired), then the witness' signature constitutes authenticated deduced information.

The advantage of such a witness system is that, while an intermediary may make use of lengthy documents (such as CRLs) in order to respond to a query, the intermediary provides the user with much shorter answers. For instance, an intermediary may make use of a 200,000-bit CRL, but provide the user with a 1,000-bit signature authenticating the status of a single certificate in response to the query of the user. Alternatively, the intermediary may use a CRL or authenticated information about a given set of certificates to deduce and authenticate the status of a proper subset of the certificates. (A proper subset is a non-empty subset that is less than an entire set.)
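The exchange described in this section, as an added example that is not the patent's own code: the CA signs a CRL, the witness verifies the CA's signature and the CRL's dates, deduces the status of the one queried serial, and signs that deduction together with the CRL date and the current date; the user verifies only the short answer. Audit shows the accountability argument made above: the user's saved answer plus the CRL the witness saved let anyone check that the deduction matches the CA's record. Ed25519 signatures, day counters in place of calendar dates, and the constructed serial numbers are assumptions of the example.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"sort"
)

// CRL is the CA-authenticated record the witness works from: the dates of this and
// the next update (day counters here, to keep the example short) and the sorted
// serial numbers revoked so far, all covered by the CA's signature.
type CRL struct {
	ThisUpdate uint32
	NextUpdate uint32
	Revoked    []uint32
	Sig        []byte
}

// Status is the deduced information the witness signs, with the CRL date and the day of the answer.
type Status struct {
	Serial  uint32
	Revoked bool
	CRLDate uint32
	Date    uint32
	Sig     []byte
}

// crlBody and statusBody are the byte strings the CA and the witness sign.
func crlBody(c *CRL) []byte {
	var b bytes.Buffer
	binary.Write(&b, binary.BigEndian, []uint32{c.ThisUpdate, c.NextUpdate})
	binary.Write(&b, binary.BigEndian, c.Revoked)
	return b.Bytes()
}
func statusBody(s *Status) []byte {
	var b bytes.Buffer
	binary.Write(&b, binary.BigEndian, s.Serial)
	binary.Write(&b, binary.BigEndian, s.Revoked)
	binary.Write(&b, binary.BigEndian, []uint32{s.CRLDate, s.Date})
	return b.Bytes()
}

// NewKey generates an Ed25519 key pair; used here for both the CA and the witness.
func NewKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // crypto/rand does not fail in practice
	return pub, priv
}

// SignCRL is the CA's step: the CA alone decides what is revoked and signs the list.
func SignCRL(caKey ed25519.PrivateKey, this, next uint32, revoked []uint32) *CRL {
	sort.Slice(revoked, func(i, j int) bool { return revoked[i] < revoked[j] })
	c := &CRL{ThisUpdate: this, NextUpdate: next, Revoked: revoked}
	c.Sig = ed25519.Sign(caKey, crlBody(c))
	return c
}

func isRevoked(c *CRL, serial uint32) bool {
	i := sort.Search(len(c.Revoked), func(i int) bool { return c.Revoked[i] >= serial })
	return i < len(c.Revoked) && c.Revoked[i] == serial
}

// Witness is the intermediary. It never issues or revokes anything; it keeps every
// CA-signed CRL it relied on so that each answer can later be shown consistent with it.
type Witness struct {
	CAKey ed25519.PublicKey
	Key   ed25519.PrivateKey
	Saved []*CRL
}

// Answer verifies the CA's signature and the CRL's dates, deduces the status of one
// serial, and signs that deduction together with the CRL date and today's date.
func (w *Witness) Answer(c *CRL, serial, today uint32) (*Status, error) {
	if !ed25519.Verify(w.CAKey, crlBody(c), c.Sig) {
		return nil, errors.New("CRL signature does not verify")
	}
	if today < c.ThisUpdate || today > c.NextUpdate {
		return nil, errors.New("CRL is not current")
	}
	w.Saved = append(w.Saved, c)
	s := &Status{Serial: serial, Revoked: isRevoked(c, serial), CRLDate: c.ThisUpdate, Date: today}
	s.Sig = ed25519.Sign(w.Key, statusBody(s))
	return s, nil
}

// CheckAnswer is the user's side: only the witness's public key and the short answer
// are needed, never the CRL itself. The user keeps the answer as evidence.
func CheckAnswer(witnessPub ed25519.PublicKey, s *Status, today uint32) bool {
	return ed25519.Verify(witnessPub, statusBody(s), s.Sig) && s.Date == today
}

// Audit settles a dispute from the user's saved answer and the witness's saved CRL:
// the witness really signed the answer, and the answer is what the CA's CRL implies.
func Audit(caPub, witnessPub ed25519.PublicKey, c *CRL, s *Status) bool {
	return ed25519.Verify(witnessPub, statusBody(s), s.Sig) && ed25519.Verify(caPub, crlBody(c), c.Sig) &&
		s.CRLDate == c.ThisUpdate && s.Revoked == isRevoked(c, s.Serial)
}
```

The answer the user receives is a few dozen bytes regardless of how many serials the CRL carries, which is the size saving the paragraph above describes.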

Alternatively, the CA may send the intermediary no CRLs. For instance, the CA may just send issued certificates and some other indication as to which certificates are revoked (e.g., notification of each individual certificate revocation or small groups of identifiers of revoked certificates). Preferably, the CA sends the information in an authenticated manner. The intermediary may use the information to provide deduced certificate information which is then authenticated. Note that the authenticated deduced information may be any type of certificate information. For instance, the intermediary may use authenticated information from the CA to construct a CRL.

Alternatively, a CA may issue only short-lived certificates (e.g., certificates that expire on the same day of issuance) that do not need to be explicitly revoked. The CA indicates (e.g., daily) to the intermediary (preferably in an authenticated manner) which of the certificates should be reissued. In this case, the authenticated deduced information provided
by the intermediary may include the reissued certificate. For instance, the intermediary may reissue a certificate by digitally signing information already in the certificate (e.g., in the case of a public-key certificate, the public key, the user name, etc.) together with the current date, and possibly indications of the current issuer and/or the CA that causes the issuance. In particular, the intermediary may produce a digital signature proving that a given certificate is valid wherein the digital signature is relative to a public key that is authenticated within the certificate itself. Each digital signature could make the certificate valid for a short amount of time (such as one day). The CA may indicate to the intermediary that a certificate should be deemed valid for a longer period (e.g., one week). In this case the intermediary may, daily for seven days, provide a digital signature that indicates that the certificate is valid. Alternatively, the intermediary may produce a single digital signature that proves that the certificate is valid for seven more days. Note that in this case too, the CA retains control of which certificates are issued, valid, revoked, etc. and the directory acts as a witness of decisions of the CA.

The authenticated deduced information may be provided by the intermediary to the user even if there is no specific request for the information. For instance, the intermediary may periodically update the user with the authenticated deduced information.

When an intermediary provides authenticated deduced information in response to a query, then it is useful that the intermediary also authenticates the query and provides the authenticated query with the response. For instance, the intermediary may provide a digital signature of an indication of the query together with the deduced information that responds to the query. One such indication of a query may, for instance, consist of a one-way hash of the query. Including such an authenticated query enhances the accountability of the intermediary and allows for more compact deduced information. For instance, a query may consist of a list of K certificate identifiers and the response by the intermediary may be a digital signature of the one-way hash of the K identifiers (in the order in which the identifiers were received) together with a K-bit string S, where the ith bit of S is one if the ith identifier corresponds to a valid certificate and is zero otherwise.

A user query need not be as simple as asking whether a given sequence of certificates is valid. For instance, a user may inquire about all certificates revoked by a given CA in a given two day interval. In that case, the set of certificates the user is asking about may not be known in advance to the user. Nonetheless, the set is implicitly specified by the user's query and may be easily answered by the intermediary without introducing irrelevant information in the response. More generally, a query may consist of a program to be executed on the CA-authenticated certificate information that specifies the information of interest to the user. This approach may thus do away with any excess of information. User queries may be answered in a "minimalist" way, no matter what set of certificates the user may be interested in. Notice too that the format in which the CA conveys information to the intermediary is not too relevant provided that it is sufficient for answering user requests.

An intermediary may access information authenticated only by a CA or may access information authenticated by other entities. The authenticated information may be from more than one source, such as multiple CA's, multiple entities, or some combination thereof.

In an alternative embodiment an intermediary may be implemented using tamper-proof hardware or the intermediary may simply make use of tamper-proof hardware. Tamper-proof hardware may include a device that is protected so that contents of portions of the device can not be examined or altered. Such a tamper-proof device may contain a secret signing key so that the authenticated deduced information of an intermediary may consist of a digital signature of the deduced information produced by the tamper-proof device. To guarantee that the deduced information is consistent with the CA-authenticated information, the CA-authenticated information may be fed to the tamper-proof device which contains means for verifying the CA-authenticated information and providing the deduced information. For instance, in response to a query asking whether a given serial number corresponds to a valid certificate, the query and the relevant CRL (signed by the CA) are input to the tamper-proof device. The tamper-proof device then verifies the CA's signature of the CRL and determines whether the queried serial number is in the CRL. The tamper-proof device computes and outputs a signed indication of the status of the certificate corresponding to the queried serial number. The response by the tamper-proof device may include the date of the CRL used to determine the response. If the digital signature of the CRL is not correct (or if the CRL is not up-to-date), then the tamper-proof device may not produce a response. Note that the tamper-proof device may not have sufficient memory capacity to store the entire CRL simultaneously. However, if the digital signature of the CRL is applied to a one-way hash of the contents of the CRL, and if the one-way hash is computed by executing a function on the CRL sequentially, then the tamper-proof device may simply read and store at one time as much of the CRL as is needed to compute the function. After computing the hash, the tamper-proof device may then verify the signature of the CA.

The feasibility and the cost effectiveness of intermediaries with tamper-proof hardware make such intermediaries appealing in several scenarios. In addition, intermediaries with tamper-proof hardware make it possible for a user to query about some certificate information to the intermediary without revealing what the queried information may be if the query information is processed in the tamper-proof portion. For instance, assume that a user wishes to make a query about a single certificate, and that hiding just the serial number is deemed appropriate to the user. In that case, the user's individual query may specify the CA in the clear and, in addition, encrypt the serial number with a key of the secure hardware (e.g., a public key). Note that if the user key is already known or easily obtainable by the tamper-proof hardware, then there is no need to specify the user within the query. Also, if the user key is a public key, then the user key may be specified in the clear.

The intermediary may input a CA-authenticated CRL to the tamper-proof hardware. The hardware may then decrypt, for instance, a serial number from the query and deduce the correct response using the CRL, encrypt the response with the user key, sign the encrypted response, and output the result. (If encryption with the response key is deemed sufficient authentication that the answer comes from the secure hardware, then the signature step could be skipped. Alternatively, the hardware may first sign the answer and then sign the result. Alternatively yet, the hardware may sign both inside and outside the encryption layer.) Thus, the intermediary (or an eavesdropper for that matter) never learns the queried serial number.

Note that, if an intermediary consists of tamper-proof hardware only, then encrypting a query with a key of such a device may still be useful against eavesdroppers since
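The following Python sketch is an added illustration, not code from the patent, of two mechanisms described above: a memory-constrained device that verifies a CA-signed CRL by hashing it sequentially one chunk at a time (refusing to answer if the signature fails), and the compact query response consisting of a signature over the one-way hash of the K queried identifiers (in the order received) together with a K-bit string S. A keyed MAC (HMAC-SHA256) stands in for the digital signatures so that the code runs with only the standard library; the key names, the CRL layout (a date line followed by one revoked serial per line) and all serial numbers are constructed assumptions.

```python
import hashlib
import hmac

# Constructed sample data (assumption, not from the patent): the CA's key, the
# secret key held inside the tamper-proof device, and a CRL whose body is a
# date line followed by one revoked serial number per line.
CA_KEY = b"constructed-ca-key"
DEVICE_KEY = b"constructed-device-key"
CRL_DATE = "1997-02-10"
REVOKED_SERIALS = [17, 42, 1003, 5000]
CRL_BODY = (CRL_DATE + "\n" + "\n".join(str(s) for s in REVOKED_SERIALS) + "\n").encode()


def ca_sign_crl(body: bytes) -> bytes:
    """CA side: the signature (a MAC here) is applied to a one-way hash of the
    whole CRL body, so a verifier can compute that hash incrementally."""
    return hmac.new(CA_KEY, hashlib.sha256(body).digest(), "sha256").digest()


def chunked(data: bytes, size: int):
    """Deliver the CRL in pieces, as a device with little memory would read it."""
    return [data[i:i + size] for i in range(0, len(data), size)]


def query_hash(ids) -> str:
    """One-way hash of the query: the K identifiers in the order received."""
    return hashlib.sha256(",".join(str(i) for i in ids).encode()).hexdigest()


def answer_query(ids, crl_chunks, crl_signature):
    """Device side. Streams the CRL: updates the running hash and checks each
    revoked serial against the K queried identifiers, holding only the current
    chunk, the hash state and the K answers. Produces no response unless the
    CA's signature verifies. Returns (message, signature) or None."""
    h = hashlib.sha256()
    wanted = set(ids)
    revoked_seen = set()
    date = None
    carry = b""

    def consume(line: bytes):
        nonlocal date
        if date is None:
            date = line.decode()          # first line of the CRL is its date
        elif line and int(line) in wanted:
            revoked_seen.add(int(line))

    for chunk in crl_chunks:
        h.update(chunk)
        carry += chunk
        *lines, carry = carry.split(b"\n")  # keep an incomplete trailing line for the next chunk
        for line in lines:
            consume(line)
    if carry:
        consume(carry)
    expected = hmac.new(CA_KEY, h.digest(), "sha256").digest()
    if not hmac.compare_digest(expected, crl_signature):
        return None  # CRL signature incorrect: the device stays silent
    bits = "".join("0" if i in revoked_seen else "1" for i in ids)  # ith bit is 1 if valid
    message = f"{query_hash(ids)}|{bits}|{date}".encode()
    return message, hmac.new(DEVICE_KEY, message, "sha256").digest()


def check_response(ids, message: bytes, response_sig: bytes):
    """User side (assumption: the user can verify the device's signature; with a
    MAC stand-in that means holding DEVICE_KEY). Binds the answer to exactly the
    query that was asked, in that order."""
    if not hmac.compare_digest(hmac.new(DEVICE_KEY, message, "sha256").digest(), response_sig):
        return None
    qh, bits, date = message.decode().split("|")
    if qh != query_hash(ids) or len(bits) != len(ids):
        return None  # answer belongs to a different (or reordered) query
    return {"crl_date": date, "valid": {i: b == "1" for i, b in zip(ids, bits)}}


if __name__ == "__main__":
    sig = ca_sign_crl(CRL_BODY)
    asked = [17, 99, 5000, 2]
    msg, rsig = answer_query(asked, chunked(CRL_BODY, 16), sig)
    print(check_response(asked, msg, rsig))
```

Because the device's signature covers the hash of the ordered identifier list, a user who receives a response for a different or reordered query rejects it, which is the accountability property the text attributes to authenticating the query along with the answer.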
having such a device fully learn the query may not matter if there are no instructions that reveal the query to the outside, or if the query can not be extracted from the device.

Alternatively, rather than specifying the CA in the clear, the user may specify the CA within the encrypted query. In this case, the secure hardware is used to specify the CA to the intermediary. Also the system described herein may make the CA's identity "invisible" to possible eavesdroppers: if the hardware learns the CA's identity with an intermediary key, or if the communication lines between the hardware and the CA cannot be eavesdropped upon (e.g., because the lines are "internal" or protected).

It is also possible to use tamper-proof hardware to hide the CA's identity from the intermediary. For instance, the CA's identity may be specified within the query encrypted with the key of the tamper-proof hardware. Thus, after learning the CA's identity and the user's request, the tamper-proof hardware may request from the intermediary the latest CRLs of two or more CAs even though only one of the CAs has issued the certificate(s) of interest. Of course, after receiving these CRLs, the hardware may ignore the unused CRLs when computing the response.

More generally, secure hardware may be used simply to obtain CA-signed certificate information, but without having the intermediary learn exactly what information was requested and/or provided. For instance, the encrypted query may be about the latest CRL of a given CA, and the tamper-proof hardware may ask the intermediary for the latest CRLs of three different CAs. Then, the tamper-proof hardware may encrypt only the CRL of interest (or all three CRLs) with a user key. Notice that both the length of the query and that of the answer may be extended with padding.

Also the identity of the querying user can be hidden from the intermediary in the system described herein by combining the system with known techniques such as those described in Chaum's article titled "Untraceable Electronic Mail, Return Addresses and Digital Pseudonyms".

In an alternative embodiment, deduced information may be authenticated by a number of different intermediaries, each individually signing the deduced information. The user may then verify the intermediaries' digital signatures and the fact that their answers are equal or equivalent. To facilitate the verification that a query about a set of certificates results in identical answers from different intermediaries, one may adopt proper encodings and standards for intermediary answers. For instance, all certificates in the set may be answered one by one, or answered collectively. The user may then be assured that the query has been answered correctly by verifying that at least a given number of intermediaries (e.g., all intermediaries) have answered the query and that the answers provided by the given number of intermediaries are consistent. If intermediaries are chosen with trustworthiness criteria in mind, the chance that a number of intermediaries may collude against the user or lie in the same way can be taken to be negligibly small. Furthermore, one should realize that there is plenty of evidence about the certificate status of a given certificate; in particular, other users may be in possession of CA-signed documents relative to the status, and the CA's themselves could be consulted about the status (e.g., in a litigation). Thus, an intermediary that lies cannot do so with impunity. Note that there may be any number of intermediaries, such as two, three, four or five.

It should also be realized that the intermediaries may have various degrees of independence. For instance, it may be that each intermediary has an independent data-base, and receives data-base information only from the CAs, either directly or indirectly. Alternatively, it may be that two or more of the intermediaries may be entities who have access to a common data-base containing CA-signed information. Whether or not the intermediaries are dependent in some fashion and/or access some of the same information, it may be convenient that a user addresses his own queries to a specific intermediary who will then obtain (at least some of) the answers signed by other intermediaries, and then send those answers to the user. Such a specific intermediary may actually add to or replace some of the other intermediaries' answers and then sign the modified answers.

The intermediaries may use threshold signatures so that a user obtains a single signature (rather than k signatures) that proves that at least t out of n intermediaries have approved a given answer to a user query. In particular, it is possible to ensure that t=n, that is, that all intermediaries approve a given answer. This signature savings can be made, depending on the system used, by the user, by one or more intermediaries, by some other entity, or by a mixture of the above.

For further security or privacy, requests by a user may be made anonymously, or encrypted, in a way that allows only certain intermediaries (or the equipment of certain intermediaries, such as their computer or special pieces of hardware — such as certain protected chips of theirs) to decrypt the requests. Similarly, answers may be encrypted in a user's key or encrypted in some other fashion. It is also possible to hide the identity of the users from the intermediaries.

Digital signatures or other types of digital authentications may be used to authenticate information. Some types of authentication may not require any additional steps if, for instance, secure communication channels are used. The system described herein allows for billing the user for responding to the user's queries.

Note that a traditional CA-signed certificate showing that a given public key PK belongs to a user U can be very long if it is accompanied by or incorporates a certificate for the public key relative to which the CA signs the certificate. In fact, the public key may not be universally known, and thus needs to be certified, so that the public key may be trusted by a verifying user. Such a certification may involve a hierarchical procedure: the public key of the signing CA, PK1, is further signed by another (preferably higher) authority relative to another public key, PK2. If PK2 is not universally known, then PK2 is signed by yet another authority relative to yet another public key PK3. The procedure is continued until a signature is produced relative to a public key PKn that is sufficiently known (e.g., known by the receiver of the certificate). Such hierarchical certificates, therefore, are quite long.

The witness-based systems discussed herein provide a mechanism for obtaining shorter certificates in which a hierarchical certificate for a given public key includes authenticated certificate information that is verified by one or more witnesses (possibly making use of one or more tamper-proof devices). See U.S. patent application No. 08/636,854, filed on Apr. 23, 1996, which is incorporated by reference herein, now U.S. Pat. No. 5,604,804. If the hierarchical certificate is verified, then shorter deduced certificate information may be authenticated by reissuing the certificate in a way that dispenses with hierarchical certification altogether or simply uses a subset of the hierarchical certificate (e.g., uses a shallower hierarchy of public keys/digital signatures).
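As an added example (not code from the patent) of the multi-intermediary embodiment described above, the following Python code has the user accept an answer only when at least t of n intermediaries have signed byte-identical answers to the same query, using a fixed answer encoding so that independent intermediaries produce comparable output. It does not implement a threshold signature; each intermediary signs separately and the user counts consistent signatures. A keyed MAC (HMAC-SHA256) stands in for each intermediary's digital signature; the intermediary names, keys and identifiers are constructed assumptions.

```python
import hmac
from collections import defaultdict

# Constructed keys for n = 3 intermediaries (assumption: a keyed MAC stands in
# for each intermediary's digital signature; the user holds the verification keys).
INTERMEDIARY_KEYS = {
    "int-A": b"constructed-key-A",
    "int-B": b"constructed-key-B",
    "int-C": b"constructed-key-C",
}


def canonical_answer(query_ids, statuses) -> bytes:
    """Fixed encoding: identifiers in the order asked, each with its status,
    so that two honest intermediaries produce byte-identical answers."""
    return ";".join(f"{i}:{'valid' if statuses[i] else 'revoked'}" for i in query_ids).encode()


def sign_answer(name, query_ids, statuses):
    """Intermediary side: sign the canonical answer to the user's query."""
    msg = canonical_answer(query_ids, statuses)
    return name, msg, hmac.new(INTERMEDIARY_KEYS[name], msg, "sha256").digest()


def parse_answer(msg: bytes):
    pairs = [part.split(":") for part in msg.decode().split(";")]
    return [int(i) for i, _ in pairs], {int(i): s == "valid" for i, s in pairs}


def verify_quorum(query_ids, signed_answers, t):
    """User side: accept only an answer signed by at least t distinct
    intermediaries, where every signature verifies and the answer covers exactly
    the queried identifiers in order. Returns the agreed statuses or None."""
    votes = defaultdict(set)
    for name, msg, sig in signed_answers:
        key = INTERMEDIARY_KEYS.get(name)
        if key is None or not hmac.compare_digest(hmac.new(key, msg, "sha256").digest(), sig):
            continue  # unknown signer or forged/altered answer: ignore it
        ids, _ = parse_answer(msg)
        if ids != list(query_ids):
            continue  # answer to some other query
        votes[msg].add(name)  # a set, so one intermediary cannot vote twice
    for msg, names in votes.items():
        if len(names) >= t:
            return parse_answer(msg)[1]
    return None


if __name__ == "__main__":
    ids = [10, 11]
    answers = [sign_answer("int-A", ids, {10: True, 11: False}),
               sign_answer("int-B", ids, {10: True, 11: False}),
               sign_answer("int-C", ids, {10: True, 11: True})]
    print(verify_quorum(ids, answers, t=2))
```

With t=2 the two consistent answers are accepted even though the third intermediary disagrees; with t=n every intermediary must approve, which is the stricter setting the text mentions.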
For example, a witness may directly sign quantities extracted from an original certificate (such as the public key PK, the user U, the expiration date, possibly the original CA, etc.), possibly new quantities (such as a witness identifier, a witness' signing algorithm identifier, etc.), and possibly some modified quantities (such as a shorter expiration date, or a longer expiration date, preferably if so indicated by a proper authority). The signature of the witness may be relative to the witness' public key. If the public key of the witness is universally known, then the reissued certificate is much shorter and can be universally verified. Otherwise, the witness' signature may be accompanied by or incorporate a certificate for the witness' public key, which may be much shorter than the certificate for the public key of the original CA. Indeed, witnesses may be chosen so that the public keys of the chosen witnesses are either universally known or have very short certificates. The shorter certificate may include or be accompanied by the original CA signature and/or some other portions of the original hierarchical certificate.

The compact certificate reissuance system using witnesses can be realized by having the witness use tamper-proof hardware as discussed above, or by having a multiplicity of witnesses (at least some of which may use tamper-proof hardware). If there is a multiplicity of witnesses, they may, for instance, use a threshold digital signature. Alternatively, the digital signatures of at least some of the witnesses may be combined in order to obtain a single digital signature relative to a single public key. (If a "common" public key is used, then it is preferable that the common public key, if not universally known, at least has a short certificate.)

Compact certificate reissuance may be of great value to a public-key infrastructure, because it enables use of much shorter certificates. Indeed, it is possible that a specialized company or organization provides such a service. A shorter reissuance may be desirable to a user because the user may obtain more favorable treatment if the certificate provided by the user is shorter. For instance, [illegible in scan] for certain transactions or services by having a shorter certificate. Indeed, the certificate for the public key of a signer may need to be stored by the recipients of the signatures, or transmitted with the signatures. Thus, shorter reissued certificates may benefit the signer as well as the recipients of the signatures.

Such witness-based certificate reissuance may also be quite beneficial even if the reissued certificates are not shorter. Indeed, the reissue mechanism described herein may also facilitate adding new formats for certificates (e.g., ones that involve new fields or arrange them differently) or new types of certificates even after a number of certificates using an old format or type have been issued. In this case, rather than having the user contact the original CA (and possibly again need to be identified and so forth), a witness-based system can first verify a given type of certificate, and if the verification is correct reissue the certificate as a new-type certificate.

CRL information may be conveyed using smaller structures called Segment CRLs (SCRL for short) by dividing the CRL information into a plurality of subsets where at least one of the subsets has at least a portion thereof authenticated. An SCRL may convey authenticated revocation information about all certificates having a serial number between a lower bound, A, and an upper bound, B. Preferably, the upper and lower bounds are authenticated and preferably are authenticated within the SCRL itself. Thus, one may determine whether a serial number X (where X is between A and B) corresponds to a revoked certificate by simply examining the SCRL having A and B as lower and upper bounds, respectively. For instance, it is possible to have a first SCRL convey revocation information about all certificates having serial numbers between 1 and 1000, a second SCRL convey information about all certificates having serial numbers between 1000 and 2000, etc. Note that it is preferable that the numeric intervals of all the SCRLs cover the entire serial number space (e.g., by overlaying) so that for each serial number X there exists at least one SCRL having an interval that contains X. Of course, SCRLs may be used to convey other information.

The bounds A and B may be identified and/or authenticated without having the bounds explicitly appear in the SCRL (e.g., identified and/or authenticated separately). Alternatively, for instance, if an SCRL provides information about all revoked certificates having a serial number between zero and B, then it is possible to authenticate only the upper bound B within the SCRL if any serial number of an issued certificate is greater than zero. Of course, it is possible for the lower bound of an entire certificate system to be a number other than zero, in which case the lower bound does not need to explicitly appear within the SCRL. Similarly, if a certificate system has an absolute upper bound, there is no need to identify and/or authenticate that absolute upper bound within an SCRL.

Also, the possible upper and lower bounds of an SCRL may be known a priori. Thus, it is possible to assign to each SCRL a progressive number or another identifier. In that case, specifying and/or authenticating the progressive number (or other identifier) is sufficient. Alternatively, assume that segments are a priori chosen to be zero and 1000, 1000 and 2000, etc. In this case, any two elements contained in an SCRL are sufficient to identify the segment of an SCRL. Because such an SCRL authenticates the identifiers of revoked certificates contained therein, the SCRL also automatically authenticates the interval thereof. In sum, therefore, the lower bound and the upper bound of an SCRL may not need to be explicitly identified or authenticated since, in some cases, the bounds may be deduced from the SCRL.

SCRLs may be implemented by using identifiers other than serial numbers. For instance, an SCRL may use identifiers that include the name of the user of each certificate. Alternatively, the identifiers may depend on the identity of the CA, the CA's digital signature of the certificate, certificate versions, certificate serial numbers, certificate algorithm identifiers, certificate public key information, certificate validity, certificate user names, and certificate date information. Preferably, an SCRL also includes a short description of the subset of identifiers about which revocation information is provided.

More generally, an SCRL may facilitate handling certificate revocation information without adding a new quantity or field in the certificates by properly using existing characteristics of conventional certificates, such as the CA's digital signature of the certificate, certificate versions, certificate serial numbers, certificate algorithm identifiers, certificate public key information, certificate validity, certificate user names, and/or certificate date information. A conventional certificate is a certificate that does not contain an additional field used primarily for certificate revocation (e.g., a distribution point field). More generally, a characteristic of a conventional certificate includes that a function evaluated on at least a portion of the certificate yields a given value. For instance, the function may be a hash function mapping a certificate or a certificate identifier to few bits (e.g., five bits). In this case, each five bit pattern
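The compact reissuance passage above can be made concrete with the following added Python example (not code from the patent): a witness verifies a hierarchical certificate chain PK1, PK2, ... up to a universally known key before reissuing a short certificate under its own key, keeping the original subject and key, recording the original CA, and never extending the expiration beyond what the original certificate allowed. A keyed MAC (HMAC-SHA256) stands in for the digital signatures, the key names and the integer "day numbers" used for dates are constructed assumptions, and the size comparison is over a JSON encoding chosen for the example.

```python
import hmac
import json

# Constructed toy hierarchy (assumption, not from the patent). A keyed MAC
# stands in for a digital signature; the witness holds the keys it needs to
# verify. PK3 plays the role of the universally known PKn; W is the witness.
KEYS = {"PK1": b"constructed-ca-key-1", "PK2": b"constructed-ca-key-2",
        "PK3": b"constructed-root-key-3", "W": b"constructed-witness-key"}
UNIVERSALLY_KNOWN = {"PK3", "W"}


def _body(payload: dict) -> bytes:
    return json.dumps(payload, sort_keys=True).encode()


def sign(signer: str, payload: dict) -> bytes:
    return hmac.new(KEYS[signer], _body(payload), "sha256").digest()


def verify(signer: str, payload: dict, sig: bytes) -> bool:
    return signer in KEYS and hmac.compare_digest(sign(signer, payload), sig)


def make_cert(subject, key, issuer, expires):
    """A certificate binds `key` to `subject`, signed relative to `issuer`'s key."""
    payload = {"subject": subject, "key": key, "issuer": issuer, "expires": expires}
    return {"payload": payload, "sig": sign(issuer, payload)}


def verify_chain(chain) -> bool:
    """chain[0] is the end-entity certificate; chain[i+1] certifies the key that
    signed chain[i]. True only if every signature checks and the chain reaches a
    universally known key."""
    for i, cert in enumerate(chain):
        issuer = cert["payload"]["issuer"]
        if not verify(issuer, cert["payload"], cert["sig"]):
            return False
        if issuer in UNIVERSALLY_KNOWN:
            return True
        if i + 1 == len(chain) or chain[i + 1]["payload"]["key"] != issuer:
            return False  # chain ends, or next certificate is for some other key
    return False


def witness_reissue(chain, today: int, max_days: int):
    """Witness side: verify the hierarchical certificate, then reissue a short
    certificate signed by the witness alone. The expiration is the earlier of the
    original expiration and the witness's own validity window."""
    if not verify_chain(chain):
        return None
    orig = chain[0]["payload"]
    payload = {"subject": orig["subject"], "key": orig["key"],
               "original_ca": orig["issuer"], "witness": "W",
               "expires": min(orig["expires"], today + max_days)}
    return {"payload": payload, "sig": sign("W", payload)}


def encoded_size(obj) -> int:
    """Bytes needed to transmit `obj` (signatures rendered as hex)."""
    return len(json.dumps(obj, sort_keys=True, default=lambda b: b.hex()))


def sample_chain():
    """Constructed three-level hierarchy: user U under PK1, PK1 under PK2, PK2 under PK3."""
    return [make_cert("user U", "PKU", "PK1", expires=400),
            make_cert("CA1", "PK1", "PK2", expires=800),
            make_cert("CA2", "PK2", "PK3", expires=900)]


if __name__ == "__main__":
    chain = sample_chain()
    short = witness_reissue(chain, today=100, max_days=7)
    print(encoded_size(chain), "->", encoded_size(short), short["payload"])
```

A relying party that knows the witness key verifies the reissued certificate with one signature check instead of three, which is the saving the text describes; the witness's own accountability rests on it having actually run the chain verification before signing.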
corresponds to a verifiable characteristic of the certificate. It is also possible to choose the function so that each SCRL is expected to contain roughly the same number of revoked certificates.

Alternatively, the characteristics may be chosen so that different SCRL's each contain information corresponding to a different number of revoked certificates. Note that the system disclosed herein allows for dynamic adjustment of the size of each of the authenticated sublists. For example, assume a first sublist corresponds to certificates having serial numbers between B1 and B2, a second sublist corresponds to certificates having serial numbers between B2 and B3, etc. Further assume that many certificates between B1 and B2 (i.e., certificates corresponding to the first sublist) are revoked while relatively few certificates between B2 and B3 (i.e., certificates corresponding to the second sublist) are revoked. In that case, when the first sublist becomes much larger than the second sublist it is possible to adjust B2 so that the number of certificates contained in the first sublist is roughly equal to the number of certificates contained in the second sublist. In such a case, the new SCRLs may include authenticated versions of the new upper and lower bounds. Alternatively, if there are too many queries about the revocation status of a specific certificate, X, then the authenticated sublist containing X could be distributed too many times. It is thus advantageous to make the sublist containing X shorter to, for instance, decrease the number of bits transmitted in the entire system in response to queries. This dynamic adjustment of the characteristics allows adjustment of the CRL sublists in a way that is not possible if assignment to a particular sublist is determined at the time of certificate issuance. Note also that it is possible to dynamically adjust the characteristics used to construct the sublists without increasing the number of sublists.

There may be a plurality of characteristics such that each certificate possesses at least one of the characteristics. Then, for each characteristic, an SCRL is constructed that provides revocation information about all certificates that possess the characteristic. Therefore, it is possible to establish whether a given certificate having a given characteristic has been revoked by examining a single SCRL that contains revocation information about all certificates having the given characteristic.

Note that a characteristic may not need to be explicitly identified or authenticated within an SCRL. Instead, the characteristic may be deduced from the SCRL, for example, by using the data stored in the SCRL. For instance, if the characteristic(s) are known a priori, then the indication of one or more revoked certificates in an SCRL may be sufficient to determine the characteristic relative to the SCRL. Given that the SCRL is authenticated, then by implication the characteristic is also authenticated.

Note that an SCRL facilitates certificate revocation by proving (e.g., using digitally signed data) that a given certificate is valid (1) without also proving the validity/revocation status of all certificates and (2) without requiring a special field or quantity within the certificates.

The intermediary may process the authenticated certificate information and construct one or more SCRL's that are then authenticated to provide authenticated deduced information. In addition, the intermediary may provide authenticated deduced information by authenticating one or more identifiers of revoked certificates without authenticating the revocation dates of the certificates. Alternatively, the intermediary may indicate a revocation date by using a reduced number of bits.
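The Segment CRL discussion (interval bounds, bounds deduced from an SCRL's contents, the dynamic adjustment of B2, and the hash-of-identifier characteristic) is illustrated by the following added Python example, which is not code from the patent. The serial numbers, the a priori segment boundaries and the rebalancing rule (place each interior boundary between the two revoked serials it separates, so every segment holds about the same number of revoked serials) are constructed assumptions; the example builds unsigned SCRLs, since the authentication step is the same signing of each segment that the text already describes.

```python
import hashlib

# Constructed sample (assumption): revoked serial numbers and a priori segment
# boundaries 0-1000, 1000-2000, 2000-3000 (each segment is [lower, upper)).
REVOKED = [5, 17, 230, 412, 777, 990, 1003, 1500, 2750]
BOUNDS = [0, 1000, 2000, 3000]


def build_scrls(revoked, bounds):
    """Split one CRL into SCRLs, one per interval. Bounds are carried explicitly
    here; deduce_segment() shows when they could be left out."""
    return [{"lower": lo, "upper": hi, "revoked": sorted(s for s in revoked if lo <= s < hi)}
            for lo, hi in zip(bounds, bounds[1:])]


def find_scrl(serial, scrls):
    for s in scrls:
        if s["lower"] <= serial < s["upper"]:
            return s
    return None


def is_revoked(serial, scrls):
    """True/False from the single SCRL covering `serial`; None if no SCRL covers it
    (the intervals must cover the whole serial-number space for a definite answer)."""
    s = find_scrl(serial, scrls)
    return serial in s["revoked"] if s else None


def deduce_segment(members, bounds):
    """With segments known a priori, the revoked serials inside an SCRL identify
    its interval, so the bounds need not be carried or separately authenticated.
    An empty SCRL is ambiguous and therefore returns None."""
    candidates = [(lo, hi) for lo, hi in zip(bounds, bounds[1:])
                  if members and all(lo <= m < hi for m in members)]
    return candidates[0] if len(candidates) == 1 else None


def rebalance(revoked, bounds):
    """Dynamic adjustment: move the interior boundaries (B2, B3, ...) so each
    segment holds about the same number of revoked serials, keeping the number
    of segments and the outer bounds unchanged."""
    rev = sorted(revoked)
    k = len(bounds) - 1
    if len(rev) < k:
        return list(bounds)
    per = len(rev) / k
    new = [bounds[0]]
    for i in range(1, k):
        idx = round(i * per)
        new.append((rev[idx - 1] + rev[idx]) // 2 + 1)  # between the two serials it separates
    new.append(bounds[-1])
    return new


def hash_characteristic(identifier: str, bits: int = 5) -> int:
    """Alternative characteristic: the top `bits` bits of a hash of the certificate
    identifier pick one of 2**bits SCRLs, with no field added to the certificate."""
    return hashlib.sha256(identifier.encode()).digest()[0] >> (8 - bits)


if __name__ == "__main__":
    scrls = build_scrls(REVOKED, BOUNDS)
    print([len(s["revoked"]) for s in scrls], is_revoked(412, scrls))
    nb = rebalance(REVOKED, BOUNDS)
    print(nb, [len(s["revoked"]) for s in build_scrls(REVOKED, nb)])
    print(hash_characteristic("serial:42"))
```

After rebalancing, the new interior bounds are what the text says the new SCRLs must carry in authenticated form, since they can no longer be assumed known a priori by the user.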
It should also be noted that intermediaries can be read-only files; in particular, read-only files containing CA-signed certificate information. Therefore, it is possible to make such files available for consultation to users without enabling them to tamper with the files. In particular, intermediaries may "post" the intermediaries' digital signatures indicating validity (or revocation) of individual certificates. In fact, while a particular CA may not have the computational power to update, say, every day or hour, the status of all certificates issued by the CA, intermediaries may be computationally much more powerful. In this case, the intermediaries may take the daily or hourly issued information of the CA (e.g., new individual certificates, new individual-certificate revocations, and CRL) and transform the information into a read-only file containing, separately, the intermediary's own signature about the validity of each individual certificate in a separate manner. For instance, each intermediary may correspond to a separate read-only file or some intermediaries may store information in a common read-only file used by more than one intermediary.

It will be appreciated by one of ordinary skill in the art that the system described herein may be applied to public key certificates as well as any other types of certificates that may be revoked. Also, a CA could be any authority. In particular, it is not necessary that such an authority be the authority that issued the certificates being revoked. Note that an intermediary includes a directory, a user, an authority, a computer file, a read-only file, a machine, or any entity that causes information to be provided to another entity. Indeed, such an intermediary may receive information and send that information to other users. More generally, the intermediary may simply cause a user to receive information from another entity, such as another user, another directory, another intermediary, another CA, and so forth. For instance, an intermediary could be a computer file that causes users to receive the information stored therein by being accessible to the users. Similarly, the system disclosed herein may be used advantageously by users to receive information about revoked certificates or valid certificates.

It will be appreciated by one of ordinary skill in the art that although the system has been illustrated herein using serial numbers to identify certificates, it is straightforward to practice the system by using identifiers other than serial numbers. Such identifiers include a hash (such as a one-way hash) of at least a portion of a certificate or other conventional or unconventional ways for identifying a certificate. In particular, a certificate identifier may include the name of the user about which the certificate has been issued (e.g., the owner of a public key in the case of a public key certificate).

While the invention has been disclosed in connection with the preferred embodiments shown and described in detail, various modifications and improvements thereon will become readily apparent to those skilled in the art. Accordingly, the spirit and scope of the present invention is to be limited only by the following claims.

What is claimed is:

1. A method for an intermediary to provide certificate information, comprising the steps of:

(a) receiving from a first other entity authenticated certificate information;

(b) processing at least a portion of the authenticated certificate information to obtain deduced information that is not part of the authenticated information;

(c) if the deduced information is consistent with the authenticated certificate information, having a witness construct authenticated deduced information by



5,717,758
authenticating at least one of: the deduced information, the deduced information together with date information, and the deduced information together with additional information; and

(d) providing the authenticated deduced information.

2. A method according to claim 1, wherein the date information is at least one of: the current date and date information of the authenticated certificate information.

3. A method according to claim 1, wherein the witness does the processing.

4. A method according to claim 1, wherein the witness is the intermediary.

5. A method according to claim 4, wherein the authenticated deduced information includes a digital signature.

6. A method according to claim 5, wherein the digital signature is relative to a verification key that is part of an issued certificate.

7. A method according to claim 6, wherein the digital signature is computed by applying a one-way function to one or more secret values.

8. A method according to claim 6, wherein the digital signature is computed by iterating a one-way function.

9. A method according to claim 5, wherein the digital signature keeps the witness accountable for the fact that the authenticated deduced information is consistent with the authenticated certificate information.

10. A method according to claim 9, wherein at least one of the intermediary and the witness cause the authenticated information to be saved in order to prove that the deduced information is consistent with the authenticated certificate information.

11. A method according to claim 1, wherein the authenticated certificate information includes a digital signature.

12. A method according to claim 1, wherein the witness determines if the deduced information is consistent with the

[right column, resuming within claim 19]

tificates and wherein processing includes obtaining the deduced information by determining that a proper subset of the certificates are valid.

20. A method according to claim 1, wherein the authenticated certificate information relates to a plurality of certificates and wherein processing includes obtaining the deduced information by determining which of a proper subset of the certificates are valid and which of a proper subset of the certificates are revoked.

21. A method according to claim 1, wherein processing includes obtaining the deduced information by identifying [illegible in scan] of the revoked certificates sharing a given characteristic.

22. A method according to claim 21, wherein the additional information includes an indication of the characteristic.

23. A method according to claim [illegible in scan], wherein the characteristic includes having a certificate identifier between two values.

24. A method according to claim 21, wherein the characteristic includes a distribution point that is assigned by an authority when a certificate is created.

25. A method according to claim 1, wherein the authenticated certificate information indicates a verification key of a certificate, the deduced information indicates that the certificate is valid, and providing the authenticated deduced information includes producing a digital signature relative to the verification key to [illegible in scan] the certificate is valid.

26. A method according to claim 1, wherein the authenticated certificate information includes at least one of: indication of [illegible in scan] and indication of revoked certificates.

27. A method according to claim [illegible in scan], wherein the indication includes a CRL.

28. A method according to claim 1, wherein the authenticated certificate information includes at least one of: infor-
authenticated certificate information. mation indicating issued certificates and information ind> 

13. A method according to claim 1, wherein processing certificates that should no longer be issued, and 
includes the steps of: wherein the authenticated deduced information indicates 

(a) extracting identifiers of revoked certificates from the mat ^ |east one certificate is valid. 

authenticated certificate information; and ^ 2 9. A method according to claim 28, whercin the authen- 

(b) providing the deduced information by dividing the ticated deduced information includes at least one reissued 
identifiers of the revoked certificates into a plurality of certificate indicating that the certificate is valid. 

lists, wherein each of the lists includes all identifiers 30 A method according to claim 28, wherein the authen- 

between a first value and a second value. ticated deduced information includes at least one reissued 

14. A method according to claim 13, wherein the identi- 45 certificate indicating that a validity period of the certificate 
tiers include serial numbers. has been modified. 

15. A method according to claim 13, wherein the identi- 31 A method according to claim 1, wherein the authen- 
fiers include user names. ticated certificate information includes at least one of dnfor- 

16. A method according to claim 1, wherein processing mation indicating issued certificates and information indi- 
includes the steps of: 50 eating certificates that should be reissued, and wherein the 

(a) extracting an identifier of a revoked certificates from aumenticated deduced information includes at least one 
the aumenticated certificate information; and reissued certificate indicating that the certificate is valid. 

(b) providing an indication that the identifier corresponds 32. A method according to claim 1, wherein the authen- 
to a revoked certificate. ticated certificate information includes at least one ofiinfor- 

17. A method according to claim 1, wherein processing 55 mation indicating issued certificates and information indi- 
includes the steps of: eating certificates that should be reissued, and wherein the 

(a) deducing from the authenticated certificate informa- authenticated deduced information includes at least one 
tion that a certificate is valid; and reissued certificate indicating that a validity period of the 

(b) providing an indication that the certificate corresponds certificate has been modified. 

to a valid certificate. 60 33. A method according to claim 1, wherein the authen- 

18. A method according to claim 1, wherein the authen- ticated certificate information includes at least one ofanfor- 
ticated certificate information relates to a plurality of cer- mation indicating issued certificates and information indi- 
tificates and wherein processing includes obtaining the eating currently valid certificates and wherein the deduced 
deduced information by determining that a proper subset of information indicates that at least one certificate is revoked, 
the certificates has been revoked. 65 34. A method according to claim 1, wherein the authen- 

19. A method according to claim 1, wherein the authen- ticated certificate information includes at least one of anfor- 
ticated certificate information relates to a plurality of cer- mation indicating revoked certificates and information indi- 
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eating valid certificates and wherein the deduced 
information indicates that at least one certificate is issued. 

35. A method according to claim 1, wherein the witness uses tamper-proof hardware. 

36. A method according to claim 35, wherein the tamper-proof hardware has a secret key used to authenticate the deduced information. 

37. A method according to claim 35, wherein the tamper-proof hardware is implemented using a single integrated circuit. 

38. A method according to claim 35, wherein the witness is the intermediary. 

39. A method according to claim 38, wherein the witness performs the processing step. 

40. A method according to claim 35, wherein the witness performs the processing step. 

41. A method according to claim 35, wherein the authenticated deduced information is provided in response to a query of a user. 

42. A method according to claim 41, wherein at least a portion of the query is hidden from the intermediary. 

43. A method according to claim 42, wherein at least a portion of the query is encrypted with a key of the tamper-proof hardware. 

44. A method according to claim 42, wherein at least a portion of the query remains hidden from the intermediary when the authenticated deduced information is provided. 

45. A method according to claim 41, wherein at least a portion of the query is encrypted with a key of the tamper-proof hardware. 

46. A method according to claim 45, wherein the query relates to one or more certificates, and at least one serial number of the one or more certificates is encrypted with the key of the tamper-proof hardware. 

47. A method according to claim 45, wherein the query includes an indication of a key of the user. 

48. A method according to claim 47, wherein the key of the user is encrypted with the key of the tamper-proof hardware. 

49. A method according to claim 48, wherein at least a portion of the authenticated deduced information is encrypted with the key of the user. 

50. A method according to claim 49, wherein at least a portion of the query remains hidden from the intermediary when the authenticated deduced information is provided. 

51. A method according to claim 47, wherein at least a portion of the authenticated deduced information is encrypted with the key of the user. 

52. A method according to claim 51, wherein at least a 
portion of the query remains hidden from the intermediary 
when the authenticated deduced information is provided. 

53. A method according to claim 1, wherein a second 
other entity determines if the deduced information is con- 
sistent with the authenticated certificate information. 

54. A method according to claim 53, wherein the second other entity provides the witness with an indication that the deduced information is consistent with the authenticated certificate information. 

55. A method according to claim 1, wherein the authenticated deduced information is provided in response to a query. 

56. A method according to claim 55, wherein the query includes a program that operates on the authenticated certificate information. 

57. A method according to claim 55, wherein the query is encrypted. 

58. A method according to claim 55, wherein the additional information includes an indication of the query. 

59. A method according to claim 58, wherein the indication of the query includes a one-way hash of the query. 

60. A method according to claim 1, wherein the deduced information contains fewer bits than a smallest piece of certificate information that is usable for obtaining the deduced information, wherein the certificate information is information that is authenticated in the authenticated certificate information. 

61. A method according to claim 1, wherein the deduced 
information is different from any piece of certificate infor- 
mation that is usable for obtaining the deduced information 
wherein the certificate information is information that is 
authenticated in the authenticated certificate information. 

62. A method according to claim 1, wherein the interme- 
diary does not revoke certificates. 

63. A method according to claim 1, wherein the intermediary does not issue certificates. 

64. A method according to claim 1, wherein the first other entity is a certification authority. 

65. A method according to claim 1, wherein the deduced information is authenticated by being posted in a read-only file that is writable only by at least one of: the witness and the intermediary. 

66. A method according to claim 1, wherein the authenticated certificate information includes a hierarchical certificate and wherein the authenticated deduced information includes a reissued certificate. 

67. A method according to claim 66, wherein the reissued certificate includes at least one of: a digital signature of the witness and a digital signature of the witness together with a certificate for a public key of the witness. 

68. A method according to claim 66, wherein the reissued 
certificate expires when the hierarchical certificate expires. 

69. A method according to claim 66, wherein the reissued certificate contains fewer bits than the hierarchical certificate. 

70. A method according to claim 66, wherein the reissued 
certificate contains less hierarchical certificate information 
than the hierarchical certificate. 

71. A method according to claim 70, wherein the reissued 
certificate does not contain at least one digital signature 
contained in the hierarchical certificate. 

72. A method according to claim 66, wherein the reissued certificate is verifiable by verifying the signatures of fewer authorities than the hierarchical certificate. 

73. A method according to claim 66, wherein the reissued certificate is verifiable relative to a universally known public key by verifying the signatures of fewer authorities than the hierarchical certificate. 

74. A method according to claim 73, wherein the reissued certificate and the hierarchical certificate are verifiable relative to the same universally known public key. 

75. A method for an intermediary to provide certificate 
information, comprising the steps of: 

(a) receiving from a first other entity authenticated cer- 
tificate information; 

(b) processing at least a portion of the authenticated 
certificate information to provide deduced information 
that is not part of the authenticated information; 

(c) if the deduced information is consistent with the 
authenticated certificate information, having a plurality 
of witnesses construct authenticated deduced informa- 
tion by authenticating at least one of: the deduced 
information, the deduced information together with 
date information, and the deduced information together 
with additional information; and 

(d) providing the authenticated deduced information. 

76. A method according to claim 75, wherein one of the witnesses is the intermediary. 
77. A method according to claim 75, wherein processing is performed by each of the witnesses. 

78. A method according to claim 75, wherein at least two of the witnesses produce a digital signature. 

79. A method according to claim 78, wherein the digital signatures of the at least two of the witnesses are combined into a signature. 

80. A method for an intermediary to provide certificate information, comprising the steps of: 

(a) receiving from a first other entity authenticated certificate information; 

(b) processing at least a portion of the authenticated certificate information to provide deduced information that is not part of the authenticated information; 

(c) if the deduced information is consistent with the authenticated certificate information, having a plurality of witnesses contribute to authenticating at least one of: the deduced information, the deduced information together with date information, and the deduced information together with additional information; and 

(d) providing the authenticated deduced information. 

81. A method according to claim 80, wherein at least two of the witnesses have a portion of a secret signing key. 

82. A method according to claim 80, further comprising the step of: 

(e) having at least two of the witnesses contribute a digital signature of at least one of the deduced information, the deduced information together with date information, and the deduced information together with additional information. 

83. A method according to claim 82, further comprising the step of: 

(f) combining digital signatures of at least two of the witnesses into a single digital signature. 

84. A method according to claim 83, further comprising the step of: 

(g) using a t-out-of-n digital signature scheme to combine the digital signatures. 

85. A method according to claim 84, wherein t equals n. 
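The witness flow of claims 1 and 2, with the ranged revocation lists of claim 13 and the query hash of claims 58 and 59, as an added Python example. This is not code from the patent and not an implementation by its author; it is an illustration of the steps as claimed. It assumes HMAC-SHA256 tags under two constructed keys (CA_KEY, WITNESS_KEY) as stand-ins for the CA's and the witness's digital signatures, constructed serial numbers and CRL dates as sample input, and function names of my own choosing; a deployment would use public-key signatures relative to certified keys.

```python
import hashlib
import hmac
import json

# Constructed secrets: HMAC-SHA256 tags stand in for the CA's and the witness's
# digital signatures so that the example runs on the standard library alone.
CA_KEY = b"constructed-ca-signing-key"
WITNESS_KEY = b"constructed-witness-signing-key"


def canonical(payload: dict) -> bytes:
    """Canonical JSON encoding so signer and verifier authenticate identical bytes."""
    return json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()


def authenticate(key: bytes, payload: dict) -> str:
    """Signature stand-in: HMAC-SHA256 over the canonical encoding."""
    return hmac.new(key, canonical(payload), hashlib.sha256).hexdigest()


def verify(key: bytes, payload: dict, tag: str) -> bool:
    return hmac.compare_digest(authenticate(key, payload), tag)


def ca_issue_crl(date: str, revoked: list) -> dict:
    """Authenticated certificate information from the first other entity (the CA):
    a dated CRL of revoked serial numbers, authenticated under CA_KEY."""
    body = {"type": "crl", "date": date, "revoked": sorted(set(revoked))}
    return {"body": body, "sig": authenticate(CA_KEY, body)}


def deduce_status(crl: dict, serial: int) -> dict:
    """Step (b): process the CRL to obtain deduced information about one serial.
    The result is a few bytes and is not itself part of the CA's authenticated data."""
    status = "revoked" if serial in crl["body"]["revoked"] else "valid"
    return {"serial": serial, "status": status, "as_of": crl["body"]["date"]}


def consistent(crl: dict, deduced: dict) -> bool:
    """Step (c) precondition: the witness re-derives the claim from the CRL and
    accepts only if the intermediary's deduction matches exactly."""
    return deduce_status(crl, deduced["serial"]) == deduced


def witness_attest(crl: dict, deduced: dict, query: bytes) -> dict:
    """Step (c): the witness authenticates the deduced information together with
    the CRL date (claim 2) and a one-way hash of the query (claims 58 and 59).
    The CA's authentication is checked first, so the witness never vouches for
    deductions drawn from an unauthenticated or altered CRL."""
    if not verify(CA_KEY, crl["body"], crl["sig"]):
        raise ValueError("CRL does not verify under the CA key")
    if not consistent(crl, deduced):
        raise ValueError("deduced information is inconsistent with the CRL")
    body = dict(deduced, query_hash=hashlib.sha256(query).hexdigest())
    return {"body": body, "sig": authenticate(WITNESS_KEY, body)}


def ranged_lists(crl: dict, width: int, max_serial: int) -> list:
    """Claim 13 processing: split the revoked identifiers into lists that each
    hold every revoked serial in [first, second]. A relying party fetches only the
    witness-authenticated list covering its serial, which is far smaller than the
    whole CRL. Empty lists are emitted too: they are what proves 'not revoked'."""
    revoked = crl["body"]["revoked"]
    lists = []
    for first in range(0, max_serial + 1, width):
        second = min(first + width - 1, max_serial)
        body = {
            "first": first,
            "second": second,
            "ids": [s for s in revoked if first <= s <= second],
            "as_of": crl["body"]["date"],
        }
        lists.append({"body": body, "sig": authenticate(WITNESS_KEY, body)})
    return lists


def status_from_list(entry: dict, serial: int) -> str:
    """Relying party side: check the witness tag, check that the list actually
    covers the serial (a list for another range proves nothing), then read it."""
    body = entry["body"]
    if not verify(WITNESS_KEY, body, entry["sig"]):
        raise ValueError("list does not verify under the witness key")
    if not body["first"] <= serial <= body["second"]:
        raise ValueError("list does not cover this serial")
    return "revoked" if serial in body["ids"] else "valid"


if __name__ == "__main__":
    crl = ca_issue_crl("1997-01-15", [17, 42, 1003, 1010])  # constructed sample
    attestation = witness_attest(crl, deduce_status(crl, 43), b"serial=43")
    print(attestation["body"])
    for entry in ranged_lists(crl, 1000, 2999):
        print(entry["body"])
```

The consistency check in witness_attest is what keeps the witness accountable in the sense of claim 9: the witness only ever authenticates a statement it has itself re-derived from CA-authenticated data, and the CRL date inside the attested body tells a relying party exactly how fresh that derivation is.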